PfSense newbie looking for advice
-
Hi Everyone.
Let me start by saying, thanks for this wonderful project.
I run a small cPanel hosting service and I am trying to address the issue with SYN/Sppofed-SYN attacks we've been getting lately on our server.
First of all, can pfSense + SNORT module help with stopping SYN/SSYN attacks? To what extent?All the DOS/DDOS filtered dedicated hosting is too expensive (the goods ones anyway), so I was planning on investing on a new server and set it up like this (I am complete newbie with pfSense with some knowledge about networking - enough to get by). I was wondering if this setup would work?
The Server
e3 Xeon 1230
4 Cores 8 Threads
16GB RAM
1+TB HD/120+GB SSD
1Gbps PortThe Setup
I will be using XEN Hyper-V (http://xen.org/products/xenhyp.html) and on the server, there will be two VPS:
- pfSense VPS
- cPanel VPS (running VPS Optimised cPanel)
Some questions I had (for now)
-
Would I be able to use one VPS to filter the traffic and pass it onto the other VPS running cPanel?
-
Is there any limitation with one NIC on the physical server? Will I need more?
-
Im no means in any way an expert but will link CMB from another thread:
http://forum.pfsense.org/index.php/topic,51238.0.html